[Bug 274322] security/ca_root_nss and net/openntpd failed to load constraint

In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 274322] security/ca_root_nss and net/openntpd failed to load constraint"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Sat, 07 Oct 2023 11:46:05 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=274322

--- Comment #5 from Christos Chatzaras <chris@cretaforce.gr> ---
With ca_root_nss-3.93 inside /etc/ssl I see this symlink:

cert.pem -> ../../usr/local/share/certs/ca-root-nss.crt

With ca_root_nss-3.93_1 this symlink doesn't exist.

I create it manually and run `certctl rehash` but still Roundcube can't connect
to Dovecot and the logs show:

imap-login: Disconnected: Connection closed: SSL_accept() failed:
error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca: SSL alert
number 48 (no auth attempts in 0 secs): user=<>, rip=144.76.xxx.xxx,
lip=144.76.xxx.xxx, TLS handshaking: SSL_accept() failed: error:14094418:SSL
routines:ssl3_read_bytes:tlsv1 alert unknown ca: SSL alert number 48,
session=<Yy+16xsHxaSQTGjm>

SSL alert number 48 means "unknown_ca".

Any idea what else changed between these two versions?

-- 
You are receiving this mail because:
You are the assignee for the bug.